#include <winsock2.h>
#include <windows.h>
#include "windivert.hpp"
#include "dll.hpp"
#include "handle.hpp"
#include <llarp/util/thread/queue.hpp>
#include <llarp/util/logging.hpp>
#include <llarp/util/logging/buffer.hpp>
#include <thread>
extern "C"
{
#include <windivert.h>
}
namespace
{
using namespace oxen::log::literals;
/// Render a WINDIVERT_ADDRESS as one human-readable line for trace logging.
///
/// Layer and event are printed by their WinDivert enumerator names ("unknown" for any value
/// not listed below) and every flag bit as "true"/"false". The interface indices are appended
/// only for WINDIVERT_LAYER_NETWORK; for every other layer the trailing field stays empty.
///
/// @param addr  address metadata as filled in by WinDivert
/// @return      the formatted description
std::string
windivert_addr_to_string(const WINDIVERT_ADDRESS& addr)
{
  // enumerator name of the layer this address belongs to
  const char* const layer_name = [&addr]() -> const char* {
    switch (addr.Layer)
    {
      case WINDIVERT_LAYER_NETWORK:
        return "WINDIVERT_LAYER_NETWORK";
      case WINDIVERT_LAYER_NETWORK_FORWARD:
        return "WINDIVERT_LAYER_NETWORK_FORWARD";
      case WINDIVERT_LAYER_FLOW:
        return "WINDIVERT_LAYER_FLOW";
      case WINDIVERT_LAYER_SOCKET:
        return "WINDIVERT_LAYER_SOCKET";
      case WINDIVERT_LAYER_REFLECT:
        return "WINDIVERT_LAYER_REFLECT";
      default:
        return "unknown";
    }
  }();

  // interface details are only read for the plain network layer
  std::string iface_desc;
  if (addr.Layer == WINDIVERT_LAYER_NETWORK)
  {
    iface_desc =
        "Network: [IfIdx: {}, SubIfIdx: {}]"_format(addr.Network.IfIdx, addr.Network.SubIfIdx);
  }

  // enumerator name of the event that produced this address
  const char* const event_name = [&addr]() -> const char* {
    switch (addr.Event)
    {
      case WINDIVERT_EVENT_NETWORK_PACKET:
        return "WINDIVERT_EVENT_NETWORK_PACKET";
      case WINDIVERT_EVENT_FLOW_ESTABLISHED:
        return "WINDIVERT_EVENT_FLOW_ESTABLISHED";
      case WINDIVERT_EVENT_FLOW_DELETED:
        return "WINDIVERT_EVENT_FLOW_DELETED";
      case WINDIVERT_EVENT_SOCKET_BIND:
        return "WINDIVERT_EVENT_SOCKET_BIND";
      case WINDIVERT_EVENT_SOCKET_CONNECT:
        return "WINDIVERT_EVENT_SOCKET_CONNECT";
      case WINDIVERT_EVENT_SOCKET_LISTEN:
        return "WINDIVERT_EVENT_SOCKET_LISTEN";
      case WINDIVERT_EVENT_SOCKET_ACCEPT:
        return "WINDIVERT_EVENT_SOCKET_ACCEPT";
      case WINDIVERT_EVENT_SOCKET_CLOSE:
        return "WINDIVERT_EVENT_SOCKET_CLOSE";
      case WINDIVERT_EVENT_REFLECT_OPEN:
        return "WINDIVERT_EVENT_REFLECT_OPEN";
      case WINDIVERT_EVENT_REFLECT_CLOSE:
        return "WINDIVERT_EVENT_REFLECT_CLOSE";
      default:
        return "unknown";
    }
  }();

  // spell a flag bit the way the log line expects it
  const auto flag = [](bool is_set) -> const char* { return is_set ? "true" : "false"; };

  return fmt::format(
      "Windivert WINDIVERT_ADDRESS -- Timestamp: {}, Layer: {}, Event: {}, Sniffed: {}, "
      "Outbound: {}, Loopback: {}, Imposter: {}, IPv6: {}, IPChecksum: {}, TCPChecksum: {}, "
      "UDPChecksum: {}, {}",
      addr.Timestamp,
      layer_name,
      event_name,
      flag(addr.Sniffed),
      flag(addr.Outbound),
      flag(addr.Loopback),
      flag(addr.Impostor),
      flag(addr.IPv6),
      flag(addr.IPChecksum),
      flag(addr.TCPChecksum),
      flag(addr.UDPChecksum),
      iface_desc);
}
} // namespace
namespace llarp::win32
{
// log category passed to every log call made by the windivert code in this file
static auto logcat = log::Cat("windivert");
namespace wd
{
namespace
{
// Entry points of WinDivert.dll, bound at runtime instead of at link time.
// Every pointer starts out null; Initialize() hands them, paired with their export names,
// to load_dll_functions (presumably the call that fills them in -- it is defined in dll.hpp).
// Calling through any of them before Initialize() has run is a null function-pointer call.
decltype(&::WinDivertOpen) open{nullptr};
decltype(&::WinDivertClose) close{nullptr};
decltype(&::WinDivertShutdown) shutdown{nullptr};
decltype(&::WinDivertHelperCalcChecksums) calc_checksum{nullptr};
decltype(&::WinDivertSend) send{nullptr};
decltype(&::WinDivertRecv) recv{nullptr};
decltype(&::WinDivertHelperFormatIPv4Address) format_ip4{nullptr};
decltype(&::WinDivertHelperFormatIPv6Address) format_ip6{nullptr};
/// Bind the WinDivert entry points, at most once.
///
/// A non-null `wd::open` is taken to mean the table is already bound, so later calls return
/// without touching the loader again.
///
/// NOTE(review): the "already bound" check is a plain read of a non-atomic pointer; two threads
/// entering at the same time could both run the load -- confirm all callers are on one thread.
/// NOTE(review): the library is requested by bare file name. Where it is looked up depends on
/// how load_dll_functions (dll.hpp, not visible here) opens it; confirm that it resolves the
/// name against a fixed, install-controlled directory rather than the default DLL search
/// order. WinDivert needs administrator rights to open a handle, so the process loading this
/// DLL is typically privileged and a planted copy would run with those rights.
void
Initialize()
{
  const bool already_bound = wd::open != nullptr;
  if (already_bound)
    return;

  // export name / destination pointer pairs; kept one pair per line
  // clang-format off
  load_dll_functions(
      "WinDivert.dll",

      "WinDivertOpen",                    open,
      "WinDivertClose",                   close,
      "WinDivertShutdown",                shutdown,
      "WinDivertHelperCalcChecksums",     calc_checksum,
      "WinDivertSend",                    send,
      "WinDivertRecv",                    recv,
      "WinDivertHelperFormatIPv4Address", format_ip4,
      "WinDivertHelperFormatIPv6Address", format_ip6);
  // clang-format on
}
} // namespace
/// One intercepted packet together with the WinDivert address metadata it arrived with.
struct Packet
{
  // raw packet bytes; recv_packet() resizes this to the length WinDivertRecv reported
  std::vector<byte_t> pkt;
  // metadata filled in by WinDivertRecv; send_packet() reuses it with Outbound inverted
  WINDIVERT_ADDRESS addr;
};
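/// Packet I/O that intercepts packets matching a WinDivert filter on the network layer.
///
/// Start() launches a thread that blocks in WinDivertRecv, pushes every received packet into
/// m_RecvQueue and then calls the wake callback. ReadNextPacket() pops from that queue and
/// attaches a reply callback that injects the answer back through the same handle.
/// Stop() shuts the handle down and joins the thread; the destructor does the same if the
/// owner never called Stop(), then closes the handle.
class IO : public llarp::vpn::I_Packet_IO
{
  // called from the reader thread after each packet has been queued
  std::function<void(void)> m_Wake;

  // WinDivert handle opened in the constructor, closed in the destructor
  HANDLE m_Handle;
  // reader thread; joinable only between Start() and Stop()
  std::thread m_Runner;
  // set by Stop()/the destructor; reply callbacks stop injecting once it is true
  std::atomic<bool> m_Shutdown{false};
  // packets handed from the reader thread to ReadNextPacket()
  thread::Queue<Packet> m_RecvQueue;
  // dns packet queue size
  static constexpr size_t recv_queue_size = 64;

  /// Ask WinDivert to shut the handle down and wait for the reader thread to leave its loop.
  /// Safe to call when the thread was never started or has already been joined.
  void
  stop_reader()
  {
    m_Shutdown = true;
    wd::shutdown(m_Handle, WINDIVERT_SHUTDOWN_BOTH);
    // join() on a thread that is not joinable throws std::system_error, so guard it; this
    // covers Stop() without a prior Start() and a second Stop()
    if (m_Runner.joinable())
      m_Runner.join();
  }

 public:
  /// Open a WinDivert handle for `filter_spec` on WINDIVERT_LAYER_NETWORK.
  ///
  /// @param filter_spec  WinDivert filter expression; passed to the driver verbatim and also
  ///                     written to the log. NOTE(review): callers should build it from
  ///                     trusted values only -- it decides which traffic gets intercepted.
  /// @param wake         invoked from the reader thread whenever a packet has been queued
  /// @throws win32::error if the handle cannot be opened
  IO(const std::string& filter_spec, std::function<void(void)> wake)
      : m_Wake{std::move(wake)}, m_RecvQueue{recv_queue_size}
  {
    wd::Initialize();
    log::info(logcat, "load windivert with filterspec: '{}'", filter_spec);

    m_Handle = wd::open(filter_spec.c_str(), WINDIVERT_LAYER_NETWORK, 0, 0);
    // WinDivertOpen reports failure through its return value. The thread's last-error code is
    // only meaningful after a failed call; testing it alone could reject a valid handle (and
    // leak it, since the destructor does not run) when an earlier call left a stale code set.
    if (m_Handle == INVALID_HANDLE_VALUE)
    {
      const auto err = GetLastError();
      throw win32::error{err, "cannot open windivert handle"};
    }
  }

  /// Stop the reader thread if it is still running, then close the handle.
  ~IO()
  {
    // Destroying a joinable std::thread calls std::terminate, and closing the handle while the
    // thread is still inside recv would pull it out from under that call, so wind the reader
    // down first when the owner did not call Stop().
    if (m_Runner.joinable())
      stop_reader();
    wd::close(m_Handle);
  }

  /// Block until WinDivert delivers one packet.
  ///
  /// @return the packet and its address metadata, or std::nullopt when the handle has been
  ///         shut down and drained (ERROR_NO_DATA) or the pipe is broken (ERROR_BROKEN_PIPE)
  /// @throws win32::error on any other receive error
  std::optional<Packet>
  recv_packet() const
  {
    WINDIVERT_ADDRESS addr{};
    std::vector<byte_t> pkt;
    pkt.resize(1500);  // net::IPPacket::MaxSize
    // NOTE(review): a matching packet larger than this buffer makes the receive fail (WinDivert
    // documents ERROR_INSUFFICIENT_BUFFER for that case), which lands in the throw below. The
    // only caller visible here is the reader thread, where an escaping exception ends the
    // process -- confirm that a single oversized packet is meant to be fatal.
    UINT sz{};
    if (not wd::recv(m_Handle, pkt.data(), pkt.size(), &sz, &addr))
    {
      auto err = GetLastError();
      if (err == ERROR_NO_DATA)
        // The handle is shut down and the packet queue is empty
        return std::nullopt;
      if (err == ERROR_BROKEN_PIPE)
      {
        SetLastError(0);
        return std::nullopt;
      }

      log::critical(logcat, "error receiving packet: {}", err);
      throw win32::error{
          err, fmt::format("failed to receive packet from windivert (code={})", err)};
    }
    // trim the buffer to the number of bytes actually received
    pkt.resize(sz);

    log::trace(logcat, "got packet of size {}B", sz);
    log::trace(logcat, "{}", windivert_addr_to_string(addr));
    return Packet{std::move(pkt), std::move(addr)};
  }

  /// Inject a reply packet through the handle.
  ///
  /// The address metadata is the one captured on receive, so the direction bit is flipped
  /// before sending and the checksums are recomputed.
  ///
  /// @param w_pkt  packet bytes plus the address metadata of the packet being answered
  /// @throws win32::error if WinDivertSend fails
  void
  send_packet(Packet w_pkt) const
  {
    auto& pkt = w_pkt.pkt;
    auto* addr = &w_pkt.addr;

    addr->Outbound = !addr->Outbound;  // re-used from recv, so invert direction

    log::trace(logcat, "send dns packet of size {}B", pkt.size());
    log::trace(logcat, "{}", windivert_addr_to_string(w_pkt.addr));

    UINT sz{};
    // recalc IP packet checksum in case it needs it
    wd::calc_checksum(pkt.data(), pkt.size(), addr, 0);

    if (!wd::send(m_Handle, pkt.data(), pkt.size(), &sz, addr))
      throw win32::error{"windivert send failed"};
  }

  /// There is no pollable descriptor for this backend; packets arrive via the wake callback.
  virtual int
  PollFD() const
  {
    return -1;
  }

  /// Direct writes are not supported here; replies go through the packet's reply callback.
  bool
  WritePacket(net::IPPacket) override
  {
    return false;
  }

  /// Pop the next queued packet, or return a default-constructed net::IPPacket when the
  /// queue is empty. The returned packet carries a reply callback bound to this object.
  net::IPPacket
  ReadNextPacket() override
  {
    auto w_pkt = m_RecvQueue.tryPopFront();
    if (not w_pkt)
      return net::IPPacket{};
    net::IPPacket pkt{std::move(w_pkt->pkt)};
    // NOTE(review): the callback captures a raw `this`. m_Shutdown only guards against use
    // after Stop(); invoking a reply after this IO has been destroyed would touch freed
    // memory -- confirm the owner keeps the interceptor alive for as long as packets do.
    pkt.reply = [this, addr = std::move(w_pkt->addr)](auto pkt) {
      if (!m_Shutdown)
        send_packet(Packet{pkt.steal(), addr});
    };
    return pkt;
  }

  /// Start the reader thread.
  /// @throws std::runtime_error if the thread is already running
  void
  Start() override
  {
    log::info(logcat, "starting windivert");
    if (m_Runner.joinable())
      throw std::runtime_error{"windivert thread is already running"};

    // NOTE(review): recv_packet() throws on unexpected receive errors and nothing in this
    // thread function catches it, so such an error terminates the process. Catching and
    // leaving the loop instead would silently end interception, so which of the two is wanted
    // is a policy decision -- confirm it is deliberate.
    auto read_loop = [this]() {
      log::debug(logcat, "windivert read loop start");
      while (true)
      {
        // in the read loop, read packets until they stop coming in
        // each packet is sent off
        if (auto maybe_pkt = recv_packet())
        {
          m_RecvQueue.pushBack(std::move(*maybe_pkt));
          // wake up event loop
          m_Wake();
        }
        else  // leave loop on read fail
          break;
      }
      log::debug(logcat, "windivert read loop end");
    };

    m_Runner = std::thread{std::move(read_loop)};
  }

  /// Shut the handle down and wait for the reader thread to exit. Calling it without a
  /// running thread only performs the shutdown.
  void
  Stop() override
  {
    log::info(logcat, "stopping windivert");
    stop_reader();
  }
};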
} // namespace wd
namespace WinDivert
{
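/// Format an IPv4 address with WinDivert's own helper.
///
/// @param ip  the address as a 32-bit integer, in whatever byte order
///            WinDivertHelperFormatIPv4Address expects (not visible here)
/// @return    the textual address, or an empty string if the helper reports failure
std::string
format_ip(uint32_t ip)
{
  // the helper is reached through a pointer that is null until the DLL has been bound;
  // binding is idempotent, so make sure it has happened instead of calling through null
  wd::Initialize();

  // zero-filled so the buffer is always NUL-terminated; returning an uninitialized buffer
  // after a failed call would read stack memory up to whatever zero byte happens to follow
  std::array<char, 128> buf{};
  if (not wd::format_ip4(ip, buf.data(), buf.size()))
    return {};
  return buf.data();
}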
/// Create a WinDivert-backed packet interceptor.
///
/// @param filter_spec  WinDivert filter expression, forwarded unchanged to wd::IO
/// @param wake         callback wd::IO invokes after it has queued a received packet
/// @return             the interceptor behind its llarp::vpn::I_Packet_IO interface
/// Any exception thrown by the wd::IO constructor propagates to the caller.
std::shared_ptr<llarp::vpn::I_Packet_IO>
make_interceptor(const std::string& filter_spec, std::function<void(void)> wake)
{
  std::shared_ptr<llarp::vpn::I_Packet_IO> interceptor =
      std::make_shared<wd::IO>(filter_spec, wake);
  return interceptor;
}
} // namespace WinDivert
} // namespace llarp::win32